Monthly Archives: January 2012

Admittedly, when I was heads-down in code earlier in my career, I did not pay much attention to reference architectures. We had our own internal architectures that served as ‘the way and the truth’, and reference architectures for our product or solution domain were simply out of scope. Anyway, reference architectures are, by design, not detailed enough to steer someone implementing one out of hundreds of components that will fall under said architectures. So, for the most part I ignored them, even though I could hear rumblings coming from rooms full of folks arguing over revision 25 of the reference architecture for some problem domain or another.

Fast forward a few years to a change of professional venue, and my outlook on reference architectures is a good deal different. If I were still developing, I’m sure my outlook would be much the same. However, talking with users on a frequent…

Dustin’s note: Seeing as the wsadmin command to rename a cell is not officially documented or supported, I have removed it from this post. I’m sorry, but it is for your own good!!

It seems like I get asked quite a bit about how to change node names and host names for a given WebSphere Application Server environment. It usually starts by someone asking me what configuration files they need to change when they want to update this information, and is followed by their surprise when I tell them none. The reason I say that is because it’s time consuming, hard, and unnecessary for you to figure this out. Instead, you can use two simple wsadmin commands. I’ll give you an example of those here (all written in Jython).

To change the name of a given node, use the following wsadmin command:

[This article was submitted for future publication on ThoughtsOnCloud.com]

Remember the skepticism around onlineshopping and e-commerce sites back in the day when the web was young?Everyone was afraid of giving out their credit card information overthe Internet, for fear it would be intercepted. We eventually gotover that fear, thanks to encryption technologies such as SecureSockets Layer (SSL), which make e-commerce much safer today. Thatsame technology also plays a role in cloud security, and that is onething to consider, along with other security issues when moving yourapplication to the cloud.

Publiccloud versus on-premises

You basically have the same securityissues and considerations for deploying applications on the cloud asyou do for running them on premises. The difference is that on cloud,some of those issues are handled by your cloud service provider. Theimportant thing to consider is how far the cloud service provider’sresponsibilities extend, and where your responsibilities as theclient, or virtual machine (VM) instance owner, take over.

Root access for customers to guest virtual machines, allowing further hardening of VMs

No sharing of private images between accounts on the cloud

Access to the portal and APIs, which requires a user ID and password

Users must comply with IBM’s stringentsecurity policies, and are subject to regular security scans.

Not all cloud providers offer the samekind of protection, so do your homework!

Image— or instance — is everything

As a VM instance owner on the IBMSmartCloud, you have root access and control over that instance as ifit were one of your own on premises, and you are responsible forsecurity on the instance itself. That means that it is up to you toconfigure access to that resource, install and run anti-virussoftware on it, and so on. Treat it like any other client in yourenterprise; it is just as vulnerable to threats and attack. This blogpost lists several useful links to articles about securing andmanaging your instances.

Getstarted with the IBM SmartCloud Enterprise: This articledescribes how to securely connect to, configure the firewall of, andmanage (encryption) keys for your instances. You should take care ofthese tasks immediately upon creating your instances. Determine whowill need access to your instances, determine the firewall ports thatneed to be open or closed, and be prepared to use and manage keys foraccess.

Why key managementis important

IBM SmartCloud employs encryption soyou can control access to your applications and data in the cloud.However, encryption alone does not guarantee security. Keys must alsobe stored and managed properly.

IBMSmartCloud Enterprise tip: Integrate your authentication policy usinga proxy: Describes how to create a proxy bridge between yourhomegrown applications and the IBM SmartCloud. This bridge can allowyou to implement finer-grained access control that cannot be directlyimplemented in the IBM SmartCloud portal. In other words, you can usethis technique to control not only who can access, but how, where, orwhen they can access data.

Cloudsecurity considerations: This good general article is abouthigh-level cloud security concepts. This is just the tip of theiceberg, but it does give a very concise overview.

Extra credit

Model-drivencloud security:This article discusses the challenges of cloud application securitypolicy automation and describes how it can be achieved through amodel-driven security architecture and deployment.

[This article was submitted for future publication on ThoughtsOnCloud.com]

There is a lot of discussion here aboutcloud for business, but what about cloud for Everyman – the averageJoe – the man on the street? How will cloud computing change lifefor the average person? In short, cloud has already changed thingssignificantly, and will continue to have an impact on our lives foryears to come.

Acloud of sound

There are numerous applications nowavailable for people to create, record, upload, and share music withthe world. As a musician, I think this is awesome and amazing. I canshare my favorite songs with my friends on social networks, and I canlisten to their favorite songs – all for the price of “a song”(essentially, for free). I wonder how this has affected the musicbusiness, and how it will impact the future of the music industry? Iimagine that it has provided more opportunities to musicians, andmade music more accessible to a wider audience. It has been a boon tothe independent artists and small record labels, but have the bigrecord companies suffered as a result? I grew up in an era ofmega-rock stars and arena tours, but those days are gone. They willbe the stuff of legends that I will tell my grand kids.

Acloud of words

If you want to publish your own book ormagazine, there are many options available to you, thanks to cloud.Actually, cloud has made the term self-publishing essentiallymeaningless. All of the publishing tools that you could possibly needare now provided on the cloud – everything from editing andproduction, to distribution and finding an audience. It has takenself-publishing quite a number of steps further than merely making abook. The distinction is more a matter of “corporate” publishing(the big companies) versus independent presses and smaller co-ops.For the rest of us, this means that if we have Internet connection,we can find something to read about anything. ANYTHING. The historyof the Belgian lute? How to make beef jerky? Card games of the middleages? It’s all there.

Acloud of images

…and most of those images are ofcats. Seriously. Do you know anyone with a cat who hasn’t posted aphoto of it on the Internet? But it’s not just about the Internet.The Internet gives us the network to share our books and music andimages with the world, but cloud gives us the tools andservices that make it possible for us to create those books, songs,and images. We are not merely uploading our photos, we are editingthem, collecting them into albums, turning them into videos withsound, and so on.

We will soon rely on cloud for allkinds of services. When we go shopping, the cloud will send couponsfor the products we want to buy directly to our smart phone or mobiledevice. When we seek medical care, our diagnosis will come from thecloud. When we are traveling in a foreign country, cloud willtranslate for us.